sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-08 04:58:40 +03:00
Code

modules: Use wrapper for string to integer conversion

Browse Source 
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Swen Schillig 2019-01-28 14:30:15 +01:00 committed by Jeremy Allison
parent fdd5297926
commit c067429c32
3 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source3/modules/vfs_preopen.c
View File

@ -345,6 +345,7 @@ static bool preopen_parse_fname(const char *fname, unsigned long *pnum,
const char *p;
char *q = NULL;
unsigned long num;
int error = 0;
p = strrchr_m(fname, '/');
if (p == NULL) {
@ -363,7 +364,10 @@ static bool preopen_parse_fname(const char *fname, unsigned long *pnum,
return false;
}
num = strtoul(p, (char **)&q, 10);
num = strtoul_err(p, (char **)&q, 10, &error);
if (error != 0) {
return false;
}
if (num+1 < num) {
/* overflow */

5
source3/modules/vfs_snapper.c
View File

@ -1218,6 +1218,7 @@ static NTSTATUS snapper_snap_path_to_id(TALLOC_CTX *mem_ctx,
char *str_idx;
char *str_end;
uint32_t snap_id;
int error = 0;
path_dup = talloc_strdup(mem_ctx, snap_path);
if (path_dup == NULL) {
@ -1250,8 +1251,8 @@ static NTSTATUS snapper_snap_path_to_id(TALLOC_CTX *mem_ctx,
}
str_idx++;
snap_id = strtoul(str_idx, &str_end, 10);
if (str_idx == str_end) {
snap_id = strtoul_err(str_idx, &str_end, 10, &error);
if (error != 0 || str_idx == str_end) {
talloc_free(path_dup);
return NT_STATUS_INVALID_PARAMETER;
}

6
source3/modules/vfs_unityed_media.c
View File

@ -103,6 +103,7 @@ static bool get_digit_group(const char *path, uintmax_t *digit)
char *endp = NULL;
codepoint_t cp;
size_t size;
int error = 0;
DEBUG(10, ("get_digit_group entering with path '%s'\n",
path));
@ -120,7 +121,10 @@ static bool get_digit_group(const char *path, uintmax_t *digit)
return false;
}
if ((size == 1) && (isdigit(cp))) {
*digit = (uintmax_t)strtoul(p, &endp, 10);
*digit = (uintmax_t)strtoul_err(p, &endp, 10, &error);
if (error != 0) {
return false;
}
DEBUG(10, ("num_suffix = '%ju'\n",
*digit));
return true;